Skip to content

Upgrade ShieldBuilder to validate FactorSourceKind for ROLA factors #2469

Upgrade ShieldBuilder to validate FactorSourceKind for ROLA factors

Upgrade ShieldBuilder to validate FactorSourceKind for ROLA factors #2469

Workflow file for this run

# Testing CI - Runs on each PR and Push
name: Test
on:
pull_request:
push:
branches:
- main
permissions:
id-token: write
contents: read
env:
CARGO_TERM_COLOR: always
RUST_TOOLCHAIN: nightly-2024-07-30
RUST_COMPONENTS: "rust-std"
SWIFT_CODE_COV_REPORT_PATH: ".build/artifacts/info.lcov" # chosen
jobs:
# typos
check-typos:
runs-on: ubuntu-latest
steps:
- uses: RDXWorks-actions/checkout@main
- name: Install Rust Toolchain
uses: RDXWorks-actions/toolchain@master
with:
toolchain: ${{ env.RUST_TOOLCHAIN }}
default: true
profile: minimal
- name: Install typos
uses: RDXWorks-actions/cargo-install@main
with:
crate: typos-cli
version: 1.22.7
- name: Check typos
run: typos
# version bump
check-version:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: RDXWorks-actions/checkout@main
with:
fetch-depth: 0 # Ensure the full git history is fetched
- name: Fetch all tags
run: git fetch --tags
- name: Get latest tag
id: get_latest_tag
run: |
latest_tag=$(git describe --tags `git rev-list --tags --max-count=1`)
echo "Latest tag is $latest_tag"
echo "latest_tag=$latest_tag" >> $GITHUB_ENV
- name: Verify Cargo.toml version bump
run: |
# Extract the version from the latest tag
latest_tag_version=$latest_tag
# Extract the version from both Cargo.toml in the PR branch
pr_version_sargon=$(grep '^version' crates/sargon/Cargo.toml | sed 's/version = "\(.*\)"/\1/')
pr_version_sargon_uniffi=$(grep '^version' crates/sargon-uniffi/Cargo.toml | sed 's/version = "\(.*\)"/\1/')
echo "Latest tag version: $latest_tag_version"
echo "PR version sargon: $pr_version_sargon"
echo "PR version sargon-uniffi: $pr_version_sargon_uniffi"
# Check if sargon and sargon-uniffi versions match
if [ "$pr_version_sargon" != "$pr_version_sargon_uniffi" ]; then
echo "Error: sargon version ($pr_version_sargon) does not match sargon-uniffi version ($pr_version_sargon_uniffi)."
exit 1
fi
# Split the versions into major, minor, and patch components
IFS='.' read -r -a tag_version_parts <<< "$latest_tag_version"
IFS='.' read -r -a pr_version_parts <<< "$pr_version_sargon"
major_diff=$((pr_version_parts[0] - tag_version_parts[0]))
minor_diff=$((pr_version_parts[1] - tag_version_parts[1]))
patch_diff=$((pr_version_parts[2] - tag_version_parts[2]))
# Check if the PR version is a valid bump
if [ "$major_diff" -eq 1 ] && [ "${pr_version_parts[1]}" -eq 0 ] && [ "${pr_version_parts[2]}" -eq 0 ]; then
echo "Major version bump valid!"
elif [ "$major_diff" -eq 0 ] && [ "$minor_diff" -eq 1 ] && [ "${pr_version_parts[2]}" -eq 0 ]; then
echo "Minor version bump valid!"
elif [ "$major_diff" -eq 0 ] && [ "$minor_diff" -eq 0 ] && [ "$patch_diff" -eq 1 ]; then
echo "Patch version bump valid!"
else
echo "Version bump is invalid!"
exit 1
fi
# phylum
phylum-analyze:
if: ${{ github.event.pull_request }}
uses: radixdlt/public-iac-resuable-artifacts/.github/workflows/phylum-analyze.yml@main
permissions:
id-token: write
pull-requests: write
contents: read
deployments: write
secrets:
phylum_api_key: ${{ secrets.PHYLUM_API_KEY }}
with:
phylum_pr_number: ${{ github.event.number }}
phylum_pr_name: ${{ github.head_ref }}
phylum_group_name: Wallet
phylum_project_id: fb999d0c-b260-474e-8c08-2f163aa2c75f
github_repository: ${{ github.repository }}
add_report_comment_to_pull_request: true
# cargo check
check-cargo-check:
runs-on: ubuntu-latest
steps:
- uses: RDXWorks-actions/checkout@main
- name: Install Rust Toolchain
uses: RDXWorks-actions/toolchain@master
with:
toolchain: ${{ env.RUST_TOOLCHAIN }}
default: true
profile: minimal
- name: Cargo Check
run: cargo check --all
# cargo fmt check
check-formatting:
runs-on: ubuntu-latest
steps:
- uses: RDXWorks-actions/checkout@main
- name: Install Rust Toolchain
uses: RDXWorks-actions/toolchain@master
with:
toolchain: ${{ env.RUST_TOOLCHAIN }}
default: true
components: rustfmt
- name: Check formatting
run: cargo fmt --check
# clippy
check-clippy:
runs-on: ubuntu-latest
steps:
- uses: RDXWorks-actions/checkout@main
- name: Install Rust Toolchain
uses: RDXWorks-actions/toolchain@master
with:
toolchain: ${{ env.RUST_TOOLCHAIN }}
default: true
components: clippy
- name: Clippy Check
run: cargo clippy --all -- -D warnings
# Rust unit, doc and integration
test-rust:
runs-on: ubuntu-latest
steps:
- uses: RDXWorks-actions/checkout@main
- name: Install cargo nextest
uses: RDXWorks-actions/cargo-install@v1
with:
crate: cargo-nextest
locked: true
- name: Install Rust Toolchain
uses: RDXWorks-actions/toolchain@master
with:
toolchain: ${{ env.RUST_TOOLCHAIN }}
default: true
- name: Run rust tests
run: cargo nextest run --all
# Swift formatting
check-swift-format:
name: "Swift format"
if: >
( github.event.action == 'opened' && github.event.pull_request.draft == false ) ||
( github.event.pull_request.draft == false && github.event.action == 'synchronize' ) ||
( github.event.action == 'ready_for_review' ) ||
( github.event_name == 'push' && github.ref == 'refs/heads/main' )
runs-on: macos-15-xlarge
steps:
- uses: RDXWorks-actions/checkout@main
- name: "Run Lint"
run: |
brew update
brew upgrade swiftformat
swiftformat . --lint
# Swift testing on macOS (Apple Silicon)
test-swift:
runs-on: macos-15-xlarge
timeout-minutes: 20
steps:
- uses: RDXWorks-actions/checkout@main
- uses: RDXWorks-actions/setup-xcode@master
with:
xcode-version: "16.0.0"
- name: Install Rust Toolchain for aarch64-apple-darwin
uses: RDXWorks-actions/toolchain@master
with:
toolchain: ${{ env.RUST_TOOLCHAIN }}
target: aarch64-apple-darwin
- name: Build for macOS target and run swift test
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
rustup target add aarch64-apple-darwin
sh ./scripts/ios/test.sh --build --codecov ${{ env.SWIFT_CODE_COV_REPORT_PATH }}
- name: Upload to CodeCov.io
uses: RDXWorks-actions/codecov-action@main
with:
token: ${{ secrets.CODECOV_TOKEN }}
fail_ci_if_error: true
files: ${{ env.SWIFT_CODE_COV_REPORT_PATH }}
name: codecov-swift
flags: swift
# Kotlin test run on JVM on macOS (Apple Silicon)
test-kotlin:
runs-on: ubuntu-latest
steps:
- uses: RDXWorks-actions/checkout@main
- name: Remove unused software
run: |
sudo rm -rf \
"$AGENT_TOOLSDIRECTORY" \
/opt/google/chrome \
/opt/microsoft/msedge \
/opt/microsoft/powershell \
/opt/pipx \
/usr/lib/mono \
/usr/local/julia* \
/usr/local/lib/node_modules \
/usr/local/share/chromium \
/usr/local/share/powershell \
/usr/share/dotnet \
/usr/local/share/boost \
/opt/ghc
- name: Install Rust Toolchain for x86_64-unknown-linux-gnu
uses: RDXWorks-actions/toolchain@master
with:
toolchain: ${{ env.RUST_TOOLCHAIN }}
components: ${{ env.RUST_COMPONENTS }}
target: x86_64-unknown-linux-gnu
default: 'true'
- name: Set up JDK 17
uses: RDXWorks-actions/setup-java@v3
with:
distribution: "adopt"
java-version: "17"
- name: Setup Android SDK
uses: RDXWorks-actions/setup-android@v2
- name: Unit test with coverage
uses: RDXWorks-actions/gradle-build-action@main
with:
arguments: sargon-android:koverXmlReportDebug
build-root-directory: jvm
- name: Upload to CodeCov.io
uses: RDXWorks-actions/codecov-action@main
with:
token: ${{ secrets.CODECOV_TOKEN }}
fail_ci_if_error: true
file: ./jvm/sargon-android/build/reports/kover/reportDebug.xml
name: codecov-jvm
flags: kotlin
# Code Coverage uses Tarpaulin and uploads to CodeCov.io
code-coverage:
runs-on: macos-15-xlarge
steps:
- uses: RDXWorks-actions/checkout@main
- uses: RDXWorks-actions/setup-xcode@master
with:
# trying to fix https://github.com/rust-lang/rust/issues/113783
xcode-version: "16.0.0"
- name: Install Rust Toolchain
uses: RDXWorks-actions/toolchain@master
with:
toolchain: ${{ env.RUST_TOOLCHAIN }}
default: true
- name: Install cargo tarpaulin
uses: RDXWorks-actions/cargo-install@main
with:
crate: cargo-tarpaulin
tag: 0.30.0
locked: true
- name: Code Coverage - Generate
run: cargo tarpaulin
- name: Code Coverage - Upload to CodeCov.io
uses: RDXWorks-actions/codecov-action@main
with:
token: ${{ secrets.CODECOV_TOKEN }}
fail_ci_if_error: true
flags: rust